Bug 131390 - crond core when selinux not enabled and crontab has no jobs
crond core when selinux not enabled and crontab has no jobs
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: vixie-cron (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Jason Vas Dias
Brock Organ
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2004-08-31 16:47 EDT by Jason Vas Dias
Modified: 2007-11-30 17:10 EST (History)
0 users

See Also:
Fixed In Version: vixie-cron-4.1-10
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-08-31 16:52:55 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Jason Vas Dias 2004-08-31 16:47:56 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040510

Description of problem:
 crond can get a SIGSEGV and generate core (or die silently) if
 selinux is not enabled (is_selinux_enabled()==0) and a crontab
 file contains no valid jobs (eg. is empty or contains only comments).


Version-Release number of selected component (if applicable):
vixie-cron-4.1-9

How reproducible:
Always

Steps to Reproduce:
1. install FC3 with selinux disabled
2. create crontab with no jobs - just a commented line

    

Actual Results:  crond gets SIGSEGV and is not running

Expected Results:  crond should continue running

Additional info:
Comment 1 Jason Vas Dias 2004-08-31 16:52:55 EDT
This was caused by most recent selinux patch in user.c:
in load_user(), if is_selinux_enabled() was false, the user->scontext
pointer was not assigned or initialized (could contain garbage)
which was then always free'd in free_user with freecon() - the
core always happened in freecon with u->context being "address out of
bounds".
If is_selinux_enabled is false, then u->scontext is initialized
to NULL, and free_user will now only free it if it is non-null.
 

Note You need to log in before you can comment on or make changes to this bug.